From 4f38ffc015c54cb3e50443b1797e7753d49d5957 Mon Sep 17 00:00:00 2001
From: "sergeyu@chromium.org"
 <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Tue, 23 Aug 2011 21:10:02 +0000
Subject: Remove DisableOCSP().

Instead of calling DisableOCSP() all SSL socket used in sandbox should be created with reb_checking_enabled flag set to false.

BUG=93273
TEST=None

Review URL: http://codereview.chromium.org/7685040

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@97918 0039d316-1c4b-4281-b951-d872f2087c98
---
 remoting/protocol/jingle_stream_connector.cc | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'remoting')

diff --git a/remoting/protocol/jingle_stream_connector.cc b/remoting/protocol/jingle_stream_connector.cc
index 57e0fcd..f953a54 100644
--- a/remoting/protocol/jingle_stream_connector.cc
+++ b/remoting/protocol/jingle_stream_connector.cc
@@ -44,6 +44,11 @@ net::SSLClientSocket* CreateSSLClientSocket(
   cert_and_status.der_cert = der_cert;
   ssl_config.allowed_bad_certs.push_back(cert_and_status);
 
+  // Revocation checking is not needed because we use self-signed
+  // certs. Disable it so that SSL layer doesn't try to initialize
+  // OCSP (OCSP works only on IO thread).
+  ssl_config.rev_checking_enabled = false;
+
   // SSLClientSocket takes ownership of the adapter.
   net::HostPortPair host_and_port(
       ContentDescription::kChromotingContentName, 0);
-- 
cgit v1.1